API Keys - Swagger
swagger.io › specification › authenticationX-API-Key: abcdef12345. or as a cookie : GET /something HTTP/1.1. Cookie: X-API-KEY=abcdef12345. API keys are supposed to be a secret that only the client and server know. Like Basic authentication, API key-based authentication is only considered secure if used together with other security mechanisms such as HTTPS/SSL.